Welcome to TACAR

Since its inception in 2003, TACAR has been solving a major problem in the use of Public Key Infrastructures (PKI): the ability to cost-effectively and securely retrieve and download CA root certificates needed by browsers, in situations where the root certificates are not pre-installed in the browsers, applications and operating systems.

TACAR verifies, stores and distributes root certificates managed by institutions and/or organisations that support non-profit research projects in the academic community, such as research and education networking organisations (NREN), National Academic Public Key Infrastructure (PKI) universities and research centres. Many of these are GÉANT members.

TACAR does not operate a CA, assess CA policies nor validate the vetting procedures used by CAs to issue certificates. Assessments of CAs must be done by the relevant Policy Management Authorities (PMAs).
[Read more about PMAs and TACAR]

Joining TACAR

A CA is eligible for TACAR if the CA meets one of the following criteria:

The CA is managed by or on behalf of a NREN

The CA is operated to support non-profit research projects, in which the academic (including the eScience) community is directly involved

To register a new CA with TACAR, the representative of participating CA must fill in the form provided in the TACAR Policy.
A face-to-face meeting between a representative of the applying CA and the TACAR representative is needed the first time a new CA applies to enter TACAR.

A TACAR representative is either a GÉANT Officer or a Trusted Introducer (TI), who undertakes the verification process normally undertaken by the GÉANT Officer.

The current TIs are:

David Groep (NIKHEF) representing the EUGridPMA

Yosho Tanaka (AIST) representing the APGrid PMA

Mike Helm (EsNET) representing the TAG PMA

For more information on the TI's role please refer to the TACAR Policy.